Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world

Cybercriminals have compromised tens of thousands of Fortinet firewalls and VPNs used In the campaign, hackers first use automated tools to scan the internet for exposed Fortinet firewalls and VPNs. They then break into the devices using lists of previously known passwords. Once a device is compromised, the hackers use it as a listening post, monitoring traffic passing through and collecting any additional credentials that flow Hudson Rock said it found evidence that suggests more than 73,000 unique Fortinet URLs have been hacked, while SOCRadar said the total of hacked devices is more than 30,000. The hacked companies include Accenture, Comcast, Foxconn, Lenovo, Oracle, Samsung, Siemens, and PwC, according to Hudson Rock. The countries with the most affected devices are India, the United States, Taiwan, and Mexico, though victims are located all over the world. The most affected industries are IT services, construction materials, and telecommunications, according to Hudson Rock. Government agencies are also among the victims, per SOCRadar. The group behind the hacking campaign appears to be Russian-speaking. Fortinet said it is aware of a reported third-party credential-harvesting campaign targeting Fortinet firewalls and VPN gateways. The company said based on its analysis the data involved is a resharing of data from previous incidents as well as bruteforcing of credentials and is not related to any recent incident or advisory. The reports are based on the discovery of a list of credentials for Fortinet devices and associated companies. The hacking campaign was first reported